<?
	if (!defined('i-Teck_ADMIN')) die("Hacking attempt");
//session_start();
	switch($mod){
		case "add":			
			//session_start();
			
		?>

   		<article class="module width_full">
			<header><h3>Thêm Comments</h3></header>
<form name="f1" method="post" action="">

				<div class="module_content">		
					<fieldset>
							<label>Tiêu đề</label>
						    <input name="ten" type="text" id="ten" size="50" />
					</fieldset>
					<fieldset>
							<label>Danh Mục sản phẩm</label>
						    <select name="catid" id="catid">    
								<? $result=mysql_query("select * from shop_product");
									while($r=mysql_fetch_array($result)){ ?>
									<option value="<? echo $r["id"];?>"><? echo stripslashes($r["ten"]);?></option>
										<? }?>
								</select>
					</fieldset>	
					<fieldset>
							<label>Hiển thị</label>
						    <input type="radio" name="henthi" value="1" />Có  
							<input type="radio" name="henthi" value="0" checked="checked"/>Không
					</fieldset>	
					<fieldset>
							<label>Link</label>
							<input name="gioithieu" type="text" id="gioithieu" size="50" />
					</fieldset>	
					<fieldset><center><input type="submit" name="cmd" id="cmd" value="Thêm" class="alt_btn"></center>
					</fieldset>	
		</article><!-- end of styles article -->
</form>
<?
if(isset($_POST["cmd"])=="Thêm"){
	mysql_query("INSERT INTO shop_comments (idsp,tieude,url,hienthi) values 
				('".addslashes($_POST["catid"])."',
				'".addslashes($_POST["ten"])."',
				'".addslashes($_POST["gioithieu"])."',
				'".addslashes($_POST["hienthi"])."')");
	mysql_close();
	echo "<meta http-equiv='refresh' content='0; url=?act=comments&mod=view&page=1'>";
	}
	break;	
	case "view":	
	?>
   		<article class="module width_full">
			<header><h3>Thêm sản phẩm</h3></header>
				<div class="tab_container">
					<div id="tab1" class="tab_content">
						<table class="tablesorter" cellspacing="0"> 
						<thead> 
						<tr> 
    					<th>ID</th> 
    					<th>Tiêu đề comments</th> 
    					<th>sản phẩm</th> 
    					<th>Sửa</th>
    					<th>Xóa</th>
						</tr> 
						</thead> 
						<tbody> 
 <?
  	$result = mysql_query("select * from shop_comments order by id desc");
	//$page = 0;
	$sobanghi=15; //Số thể loại hiển thị trong 1 trang
	$sotrang = ceil(mysql_num_rows($result)/$sobanghi);
	$page = intval(($_REQUEST["page"]));
	if ($page <=0 ){ $page=1;}
	if ($page>$sotrang)  {$page=$sotrang;}
	$result2=mysql_query("select * from shop_comments order by id desc limit ".($page-1)*$sobanghi.",".$sobanghi);	
	while($r=mysql_fetch_array($result2)){				
  ?>
  <tr>
   <td><? echo $r["id"];?></td>
    <td><a href=?act=comments&mod=edit&id=<? echo $r['id'];?>><? echo $r["tieude"];?></a></td>
    <? $id=$r["idsp"];
	$result1=mysql_query("select * from shop_product where id=$id");
	while($r1=mysql_fetch_array($result1)){
	?>
    <td><a href=?act=product&mod=edit&id=<? echo $r1['id'];?>><? echo stripslashes($r1["ten"]); }?></a></td>
   
      <td><a href=?act=comments&mod=edit&id=<? echo $r['id'];?>>Sửa</a></td>
    <td><a onClick="return  confirm('Bạn có muốn xóa ko');"href=?act=comments&mod=delete&id=<? echo $r['id'];?>>Xóa</a></td>
  </tr>
  <? }?>
  
<div align="center">
<? showPageNavigation($page,$sotrang, '','?act=comments&mod=view&page=');?> 
</center>
  

			</tbody> 
			</table></div></div>
		</article><!-- end of styles article -->
	<? break;

	case "edit":
	
		$id=intval($_REQUEST["id"]);
		$result=mysql_query("select * from shop_comments where id=$id");
		if(mysql_num_rows($result)<=0){echo"<center><font color=red>Chưa có dữ liệu</font</center>";}
		while($r=mysql_fetch_array($result)){ 
	?>
	

    <form name="f1" method="post" action="">
    		<article class="module width_full">
			<header><h3>Commets</h3></header>
				<div class="module_content">				
				<fieldset>
							<label>Tiêu đề</label>
						    <input name="ten" type="text" id="ten" value="<? echo $r["tieude"];?>" size="50" />
				</fieldset>				
				<fieldset>
							<label>Sản phẩm</label>
						    <select name="catid" id="catid">      
      <? $result=mysql_query("select * from shop_product");
	  while($r1=mysql_fetch_array($result)){ ?>
       <option value="<? echo $r1["id"];?>"><? echo stripslashes($r1["ten"]);?></option>
       <? } ?>     

        </select>
				</fieldset>		
				<fieldset>
							<label>Đường dẫn</label>
				</fieldset>	
				<fieldset> 
							<input name="gioithieu" type="text" id="gioithieu" value="<? echo stripslashes($r["url"]);?>" size="50" />
				</fieldset>	
				<fieldset>
							<label>Hiển thị</label>
				</fieldset>
					<fieldset>
							<center><input type="radio" name="hienthi" value="0" <? if($r['hienthi']=="0"){echo'checked="checked"';}?>/>Không
									<input type="radio" name="hienthi" value="1"<? if($r['hienthi']=="1"){echo'checked="checked"';}?>/>Có</center>
					</fieldset>		
				<fieldset>
							<center><input type="submit" name="cmd" id="cmd" value="Sửa" class="alt_btn"></center>
				</fieldset>	</div>
		</article><!-- end of styles article -->
</form>
<? } if(isset($_REQUEST["cmd"])=="Sửa"){
		mysql_query("UPDATE shop_comments SET
					idsp='".addslashes($_POST["catid"])."',
					tieude='".addslashes($_POST["ten"])."',
					url='".addslashes($_POST["gioithieu"])."',
					hienthi='".intval($_POST["hienthi"])."' where id=$id");
	mysql_close();
		echo "<meta http-equiv='refresh' content='0; url=?act=comments&mod=view&page='>"; }
	
	break;
	
	case "delete":
		$id=intval($_GET["id"]);		
		mysql_query("delete from shop_product where id=$id");
		mysql_close();
		echo "<meta http-equiv='refresh' content='0; url=?act=comments&mod=view&page='>";
	break;
	
	
	case "up-anh":
	
	
?>




<form enctype="multipart/form-data" method="post">
 <div align="center">
   <h1>Upload file 
   </h1>
 </div>

 
 <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chon file 1: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>

	
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
      <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form> 
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		 
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/product/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.f1.hinhanh.value='$b'; window.opener.document.img.src='../img/product/$b';window.close();\"><img border=0 width=80 src=../img/product/".$b." height=60></a>";
		
 
		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;
			
			case "chon-anh":?>
			<h1 align="center">Chọn ảnh</h1>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<? 
$a = opendir("../img/product");
$i=0;
while($f=readdir($a)){
	
	if ($f!="." && $f!=".."){
		$b = substr($f,strlen($f)-3,3);
		
		if ($b=="jpg" || $b =="jpe" || $b=="gif" || $b=="bmp"){
		if ($i==0) echo "<tr>";
		$i++;
		echo "<td><a href=# onclick=\"window.opener.document.f1.hinhanh.value='$f'; window.opener.document.img.src='../img/product/$f'; window.close();\"><img border=0 width=80 src=../img/product/".$f." title='$f'>
			</a>
		</td>";
		
		
		if ($i==2) {echo "</tr>"; $i=0;}
		}
	}
}
?>
</table><?
			break;
			
	
	
	case "up-anh1":
	
	
?>




<form enctype="multipart/form-data" method="post">
 <div align="center">
   <h1>Upload file 
   </h1>
 </div>

 
 <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chon file 1: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>

	
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
      <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form> 
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		 
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/product/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.f1.slide1.value='$b'; window.opener.document.img.src='../img/product/$b';window.close();\"><img border=0 width=80 src=../img/product/".$b." height=60></a>";
		
 
		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;
			
			case "chon-anh1":?>
			<h1 align="center">Chọn ảnh</h1>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<? 
$a = opendir("../img/product");
$i=0;
while($f=readdir($a)){
	
	if ($f!="." && $f!=".."){
		$b = substr($f,strlen($f)-3,3);
		
		if ($b=="jpg" || $b =="jpe" || $b=="gif" || $b=="bmp"){
		if ($i==0) echo "<tr>";
		$i++;
		echo "<td><a href=# onclick=\"window.opener.document.f1.slide1.value='$f'; window.opener.document.img.src='../img/product/$f'; window.close();\"><img border=0 width=80 src=../img/product/".$f." title='$f'>
			</a>
		</td>";
		
		
		if ($i==2) {echo "</tr>"; $i=0;}
		}
	}
}
?>
</table><?
			break;
			
	
	
	case "up-anh2":
	
	
?>




<form enctype="multipart/form-data" method="post">
 <div align="center">
   <h1>Upload file 
   </h1>
 </div>

 
 <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chon file 1: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>

	
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
      <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form> 
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		 
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/product/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.f1.slide2.value='$b'; window.opener.document.img.src='../img/product/$b';window.close();\"><img border=0 width=80 src=../img/product/".$b." height=60></a>";
		
 
		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;
			
			case "chon-anh2":?>
			<h1 align="center">Chọn ảnh</h1>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<? 
$a = opendir("../img/product");
$i=0;
while($f=readdir($a)){
	
	if ($f!="." && $f!=".."){
		$b = substr($f,strlen($f)-3,3);
		
		if ($b=="jpg" || $b =="jpe" || $b=="gif" || $b=="bmp"){
		if ($i==0) echo "<tr>";
		$i++;
		echo "<td><a href=# onclick=\"window.opener.document.f1.slide2.value='$f'; window.opener.document.img.src='../img/product/$f'; window.close();\"><img border=0 width=80 src=../img/product/".$f." title='$f'>
			</a>
		</td>";
		
		
		if ($i==2) {echo "</tr>"; $i=0;}
		}
	}
}
?>
</table><?
			break;
			
	
	
	case "up-anh3":
	
	
?>




<form enctype="multipart/form-data" method="post">
 <div align="center">
   <h1>Upload file 
   </h1>
 </div>

 
 <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chon file 1: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>

	
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
      <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form> 
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		 
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/product/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.f1.slide3.value='$b'; window.opener.document.img.src='../img/product/$b';window.close();\"><img border=0 width=80 src=../img/product/".$b." height=60></a>";
		
 
		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;
			
			case "chon-anh3":?>
			<h1 align="center">Chọn ảnh</h1>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<? 
$a = opendir("../img/product");
$i=0;
while($f=readdir($a)){
	
	if ($f!="." && $f!=".."){
		$b = substr($f,strlen($f)-3,3);
		
		if ($b=="jpg" || $b =="jpe" || $b=="gif" || $b=="bmp"){
		if ($i==0) echo "<tr>";
		$i++;
		echo "<td><a href=# onclick=\"window.opener.document.f1.slide3.value='$f'; window.opener.document.img.src='../img/product/$f'; window.close();\"><img border=0 width=80 src=../img/product/".$f." title='$f'>
			</a>
		</td>";
		
		
		if ($i==2) {echo "</tr>"; $i=0;}
		}
	}
}
?>
</table><?
			break;
			
	
	
	case "up-anh4":
	
	
?>




<form enctype="multipart/form-data" method="post">
 <div align="center">
   <h1>Upload file 
   </h1>
 </div>

 
 <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chon file 1: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>

	
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
      <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form> 
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		 
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/product/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.f1.slide4.value='$b'; window.opener.document.img.src='../img/product/$b';window.close();\"><img border=0 width=80 src=../img/product/".$b." height=60></a>";
		
 
		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;
			
			case "chon-anh4":?>
			<h1 align="center">Chọn ảnh</h1>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<? 
$a = opendir("../img/product");
$i=0;
while($f=readdir($a)){
	
	if ($f!="." && $f!=".."){
		$b = substr($f,strlen($f)-3,3);
		
		if ($b=="jpg" || $b =="jpe" || $b=="gif" || $b=="bmp"){
		if ($i==0) echo "<tr>";
		$i++;
		echo "<td><a href=# onclick=\"window.opener.document.f1.slide4.value='$f'; window.opener.document.img.src='../img/product/$f'; window.close();\"><img border=0 width=80 src=../img/product/".$f." title='$f'>
			</a>
		</td>";
		
		
		if ($i==2) {echo "</tr>"; $i=0;}
		}
	}
}
?>
</table><?
			break;
			
	
	case "up-anh5":
	
	
?>




<form enctype="multipart/form-data" method="post">
 <div align="center">
   <h1>Upload file 
   </h1>
 </div>

 
 <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chon file 1: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>

	
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
      <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form> 
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		 
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/product/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.f1.anhnho.value='$b'; window.opener.document.img.src='../img/product/$b';window.close();\"><img border=0 width=80 src=../img/product/".$b." height=60></a>";
		
 
		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;
			
			case "chon-anh5":?>
			<h1 align="center">Chọn ảnh</h1>
<table width="100%" border="0" cellpadding="0" cellspacing="0">
<? 
$a = opendir("../img/product");
$i=0;
while($f=readdir($a)){
	
	if ($f!="." && $f!=".."){
		$b = substr($f,strlen($f)-3,3);
		
		if ($b=="jpg" || $b =="jpe" || $b=="gif" || $b=="bmp"){
		if ($i==0) echo "<tr>";
		$i++;
		echo "<td><a href=# onclick=\"window.opener.document.f1.anhnho.value='$f'; window.opener.document.img.src='../img/product/$f'; window.close();\"><img border=0 width=80 src=../img/product/".$f." title='$f'>
			</a>
		</td>";
		
		
		if ($i==2) {echo "</tr>"; $i=0;}
		}
	}
}
?>
</table><?
			break;
	}
	?>

